Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: vendors Clear
ID Title
CVE-2023-50989 Command Injection in tenda (CVE-2023-50989)
command injection in tenda (CVE-2023-50989). Successful exploitation can lead to full system takeover.
CVE-2023-50985 Out-of-Bounds Write in tenda (CVE-2023-50985)
out-of-bounds write in tenda (CVE-2023-50985). Successful exploitation can lead to full system takeover.
CVE-2023-50984 Out-of-Bounds Write in tenda (CVE-2023-50984)
out-of-bounds write in tenda (CVE-2023-50984). Successful exploitation can lead to full system takeover.
CVE-2023-50983 Command Injection in tenda (CVE-2023-50983)
command injection in tenda (CVE-2023-50983). Successful exploitation can lead to full system takeover.
CVE-2023-50986 Out-of-Bounds Write in tenda (CVE-2023-50986)
out-of-bounds write in tenda (CVE-2023-50986). Successful exploitation can lead to full system takeover.
CVE-2023-50987 Out-of-Bounds Write in tenda (CVE-2023-50987)
out-of-bounds write in tenda (CVE-2023-50987). Successful exploitation can lead to full system takeover.
CVE-2023-50918 app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
app/Controller/AuditLogsController.php in MISP before 2.4.182 mishandles ACLs for audit logs.
CVE-2023-48658 Vulnerability in misp-project (CVE-2023-48658)
vulnerability in misp-project (CVE-2023-48658). Successful exploitation can lead to full system takeover.
CVE-2023-48657 An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles filters.
CVE-2023-48656 An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
An issue was discovered in MISP before 2.4.176. app/Model/AppModel.php mishandles order clauses.
CVE-2023-48655 Vulnerability in misp-project (CVE-2023-48655)
vulnerability in misp-project (CVE-2023-48655). Successful exploitation can lead to full system takeover.
CVE-2023-48659 Vulnerability in misp-project (CVE-2023-48659)
vulnerability in misp-project (CVE-2023-48659). Successful exploitation can lead to full system takeover.
CVE-2023-46958 Code Injection in lmxcms (CVE-2023-46958)
code injection in lmxcms (CVE-2023-46958). Successful exploitation can lead to full system takeover.
CVE-2023-46010 Code Injection in seacms (CVE-2023-46010)
code injection in seacms (CVE-2023-46010). Successful exploitation can lead to full system takeover.
CVE-2023-38545 Out-of-Bounds Write in haxx (CVE-2023-38545)
out-of-bounds write in haxx (CVE-2023-38545). Successful exploitation can lead to full system takeover.
CVE-2023-43234 Code Injection in dedebiz (CVE-2023-43234)
code injection in dedebiz (CVE-2023-43234). Successful exploitation can lead to full system takeover.
CVE-2023-34576 SQL Injection in sqli (CVE-2023-34576)
SQL injection in sqli (CVE-2023-34576). Successful exploitation can lead to full system takeover.
CVE-2023-4662 Vulnerability in adobe (CVE-2023-4662)
vulnerability in adobe (CVE-2023-4662). Successful exploitation can lead to full system takeover.
CVE-2023-4661 SQL Injection in sqli (CVE-2023-4661)
SQL injection in sqli (CVE-2023-4661). Successful exploitation can lead to full system takeover.
CVE-2023-39809 Command Injection in nvki (CVE-2023-39809)
command injection in nvki (CVE-2023-39809). Successful exploitation can lead to full system takeover.
CVE-2023-39807 SQL Injection in sqli (CVE-2023-39807)
SQL injection in sqli (CVE-2023-39807). Successful exploitation can lead to full system takeover.
CVE-2023-39805 SQL Injection in sqli (CVE-2023-39805)
SQL injection in sqli (CVE-2023-39805). Successful exploitation can lead to full system takeover.
CVE-2023-38954 ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.
CVE-2023-34842 Code Injection in dedecms (CVE-2023-34842)
code injection in dedecms (CVE-2023-34842). Successful exploitation can lead to full system takeover.
CVE-2023-37647 SQL Injection in sqli (CVE-2023-37647)
SQL injection in sqli (CVE-2023-37647). Successful exploitation can lead to full system takeover.
CVE-2023-33150 Microsoft Office Security Feature Bypass Vulnerability
Microsoft Office Security Feature Bypass Vulnerability
CVE-2023-34832 Vulnerability in tp-link (CVE-2023-34832)
vulnerability in tp-link (CVE-2023-34832). Successful exploitation can lead to full system takeover.
CVE-2023-34752 SQL Injection in sqli (CVE-2023-34752)
SQL injection in sqli (CVE-2023-34752). Successful exploitation can lead to full system takeover.
CVE-2023-34944 Unrestricted File Upload in chamilo (CVE-2023-34944)
vulnerability in chamilo (CVE-2023-34944). Successful exploitation can lead to full system takeover.
CVE-2023-33532 Command Injection in netgear (CVE-2023-33532)
command injection in netgear (CVE-2023-33532). Successful exploitation can lead to full system takeover.
CVE-2023-30185 Unrestricted File Upload in crmeb (CVE-2023-30185)
vulnerability in crmeb (CVE-2023-30185). Successful exploitation can lead to full system takeover.
CVE-2023-30242 SQL Injection in sqli (CVE-2023-30242)
SQL injection in sqli (CVE-2023-30242). Successful exploitation can lead to full system takeover.
CVE-2023-23059 Vulnerability in geovision (CVE-2023-23059)
vulnerability in geovision (CVE-2023-23059). Successful exploitation can lead to full system takeover.
CVE-2023-28531 Vulnerability in openbsd (CVE-2023-28531)
vulnerability in openbsd (CVE-2023-28531). Successful exploitation can lead to full system takeover.
CVE-2022-48329 Vulnerability in misp-project (CVE-2022-48329)
vulnerability in misp-project (CVE-2022-48329). Successful exploitation can lead to full system takeover.
CVE-2022-48328 Vulnerability in misp-project (CVE-2022-48328)
vulnerability in misp-project (CVE-2022-48328). Successful exploitation can lead to full system takeover.
CVE-2022-45088 Vulnerability in gruparge (CVE-2022-45088)
vulnerability in gruparge (CVE-2022-45088). Successful exploitation can lead to full system takeover.
CVE-2020-22452 SQL Injection in sqli (CVE-2020-22452)
SQL injection in sqli (CVE-2020-22452). Successful exploitation can lead to full system takeover.
CVE-2022-46393 Out-of-Bounds Read in arm (CVE-2022-46393)
vulnerability in arm (CVE-2022-46393). Successful exploitation can lead to full system takeover.
CVE-2022-44290 SQL Injection in sqli (CVE-2022-44290)
SQL injection in sqli (CVE-2022-44290). Successful exploitation can lead to full system takeover.
CVE-2022-44291 SQL Injection in sqli (CVE-2022-44291)
SQL injection in sqli (CVE-2022-44291). Successful exploitation can lead to full system takeover.
CVE-2022-44194 Out-of-Bounds Write in netgear (CVE-2022-44194)
out-of-bounds write in netgear (CVE-2022-44194). Successful exploitation can lead to full system takeover.
CVE-2022-40842 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
CVE-2022-36180 Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
CVE-2022-42122 SQL Injection in sqli (CVE-2022-42122)
SQL injection in sqli (CVE-2022-42122). Successful exploitation can lead to full system takeover. Exploitable via ``title``.
CVE-2022-42120 SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
CVE-2022-35156 SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
CVE-2022-40030 SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
CVE-2022-36536 Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
CVE-2022-26258 KEV [KEV] OS Command Injection in D-link dir-820l (CVE-2022-26258)
OS command injection in D-link dir-820l (CVE-2022-26258). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →